[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Formmail + RBL checking
- Subject: [cobalt-security] Formmail + RBL checking
- From: cobalt@xxxxxxxxxxxxx
- Date: Mon, 19 Aug 2002 15:42:28 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi,
I have modified the standard formmail.pl script from Matts Script
Archive to do some RBL (Relay black list ) checking.
Basically, it works for me, but I am interested in some peer
feedback.
I don't really count mysql as a perl guru so feel free to send me
suggestions / improvements / flames.
The script uses the perl module:
Mail::RBL
available from CPAN.
(http://search.cpan.org/author/LUISMUNOZ/Mail-RBL-1.00/)
The script is available here:
http://www.fishnet.co.uk/formmail-rbl.zip
There are several options at the beginning which can be modified.
There is also a html page which contains a test form. Please modify
these to reflect your setup.
Who this is for
-------------------
Basically you need to know how the usual formmail script works, how
to install perl modules and how to use a cgi-script. You will also
have to change permissions on files and edit them.
If you don't know how to do these things then try by all means, but
this isn't really the list to ask those sort of questions. You can
ask me if you like, but I won't guarantee that I will answer. Not
because I'm ignorant, but because I am at work and am very busy.
How it works
-----------------
The usual 'referer' and 'recipient' variables must be set.
The script checks if the referer is allowed (which can be faked), if
it is, the script then checks the 'whitelist', if the users IP
matches, it is allowed to relay.
If it is not in the whitelist, the script moves on to the blacklist,
if found, it is blocked immediately. If not found then the rbl
checks are done. If the users IP is found in any of the rbl lists,
then the mail is blocked.
What needs doing
------------------------
Modify to allow host names in whitelists & blacklist - help ?
More info in rejection message - ie. urls for blacklists etc.
Hacks to get it working
------------------------------
1. Raq 4i
I had to install these modules first in order to install Mail::RBS
File::Spec
ExtUtils::MakeMaker
Once Mail::RBS is installed, I had to modify the module:
usr/lib/perl5/site_perl/5.005/Mail/RBL.pm
First, change perms so you can write to the file.
Then patch out the following lines:
1 package Mail::RBL;
2
3 #require 5.005_62;
4 use strict;
5 #use warnings;
6 use Carp;
7
8 #our $VERSION = '1.00';
( line numbers added for clarity)
2. Windows
Installed Mail::RBL - It worked.
This is the first instance in my life where I have had to hack the
linux version more than the windows one - strange...
----------------------------
DISCLAIMER
------------------
I am not guaranteeing that this will work , stop spammers or even
leave your server in a workable state, so please don't blame me.
It all works for me, but that may have been a fluke.
Thats it.
Regards
Ian
--